Hi Ismael,
did you configured snmp on the switch and in the packetfence's switch
config ?
Regards
Fabrice
Le 2015-11-05 15:02, ismael flavio silva a écrit :
Hello
I have a doubt
I'm setting up the PF 5.4.0 with the service radius (dlink 2000 AP +)
the manual says the process has to be done with the port-security.
- It is necessary to add the AP in floating device.
- The PF 5.4.0 know that is the floating device and automatically
configures for port-security.
but I have a problem, Cisco does not accept me devices due to the
violation. As PF automatic configure what can I do to solve the problem?
PF LOG
Nov 05 18:49:59 pfsetvlan(2) WARN: couldn't get MAC at ifIndex 1. This
is a problem. (pf::Switch::_getMacAtIfIndex)
Nov 05 18:49:59 pfsetvlan(2) WARN: Tried to grab MAC address at
ifIndex 1 on switch 192.168.137.254 for 2 minutes and failed
(main::handleTrap)
Nov 05 18:49:59 pfsetvlan(2) INFO: cannot find MAC (maybe we found a
VoIP, but they don't count here). Do nothing (main::handleTrap)
Nov 05 18:49:59 pfsetvlan(2) INFO: finished (main::cleanupAfterThread)
Nov 05 18:50:09 pfsetvlan(1) INFO: nb of items in queue: 1; nb of
threads running: 0 (main::startTrapHandlers)
Nov 05 18:50:09 pfsetvlan(1) INFO: up trap received on 192.168.137.254
ifIndex 20 (main::handleTrap)
Nov 05 18:50:09 pfsetvlan(1) INFO: The logs shows that the last device
pluged was a floating network device. We may have missedthe LinkDown
trap. Disabling floating network device configuration on the port.
(main::handleTrap)
Nov 05 18:50:09 pfsetvlan(1) INFO: Disabling LinkDown traps on port 20
(pf::floatingdevice::disablePortConfig)
Nov 05 18:50:09 pfsetvlan(1) INFO: Setting port 20 to MAC detection
Vlan. (pf::floatingdevice::disablePortConfig)
Nov 05 18:50:09 pfsetvlan(1) INFO: There is a floating device on
192.168.137.254 port 20 (pf::floatingdevice::portHasFloatingDevice)
Nov 05 18:50:09 pfsetvlan(1) ERROR: Use of uninitialized value $mac in
concatenation (.) or string at /usr/local/pf/lib/pf/locationlog.pm
line 502.
(pf::locationlog::locationlog_synchronize)
Nov 05 18:50:09 pfsetvlan(1) INFO: Not adding locationlog entry for
mac because it's plugged in a floating device enabled port
(pf::locationlog::locationlog_synchronize)
Nov 05 18:50:09 pfsetvlan(1) INFO: Should set 192.168.137.254 ifIndex
20 to VLAN 4 but it is already in this VLAN -> Do nothing
(pf::Switch::setVlan)
Nov 05 18:50:09 pfsetvlan(1) INFO: Enabling access control on port 20
(pf::floatingdevice::disablePortConfig)
Nov 05 18:50:10 pfsetvlan(1) WARN: couldn't get MAC at ifIndex 20.
This is a problem. (pf::Switch::_getMacAtIfIndex)
Nov 05 18:50:10 pfsetvlan(1) INFO: finished (main::cleanupAfterThread)
Nov 05 18:50:15 pfsetvlan(4) INFO: nb of items in queue: 1; nb of
threads running: 0 (main::startTrapHandlers)
Nov 05 18:50:15 pfsetvlan(4) INFO: MAC 02:00:00:00:00:20 is a fake
MAC. Stop mac handling (main::handleTrap)
Nov 05 18:50:15 pfsetvlan(4) INFO: finished (main::cleanupAfterThread)
CISCO LOG
Switch#
00:05:29: %PORT_SECURITY-2-PSECURE_VIOLATION: Security violation
occurred, caused by MAC address c8f7.335f.975e on port FastEthernet0/20.
Thanks
------------------------------------------------------------------------------
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
------------------------------------------------------------------------------
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
